Add test for CycloneDX artifacts
What does this MR do?
This MR adds a test to ensure that CycloneDX artifacts are saved
Testing
Tested successfully against gemnasium
, js-npm
and the Dependency-Scanning.gitlab-ci.yml template in this pipeline, with the following successful downstream pipeline.
Also tested against a minimal gemnasium
project and a copy of the downstream js-npm
with the Dependency-Scanning.gitlab-ci.yml
template and .qa-dependency_scanning
contents combined into a single .gitlab-ci.yml with the following results:
- When
EXPECTED_CYCLONEDX_ARTIFACTS
is not set, test passes. - When
EXPECTED_CYCLONEDX_ARTIFACTS
is set and the artifact file is saved, test passes - When
EXPECTED_CYCLONEDX_ARTIFACTS
is set and cyclonedx artifacts are not saved, test fails.
What are the relevant issue numbers?
gitlab-org/gitlab#354863 (closed)
Does this MR meet the acceptance criteria?
Edited by Adam Cohen